I'm trying to use a batch FOR loop inside a psexec. I need to make a script that offers me the possibility to choose the subfolders (I store the items in %list_of_items%) in %local_folder% that are needed to be copied with ncftpput on remote server. I cannot put the entire psexec inside the loop because I dont want to insert every time the password.
The piece of code:
psexec \\remote_server -u DOMAIN\user cmd /c FOR %%i IN "%list_of_items%" DO ("ncftpput -f c:\folders\file_with_creds.cfg -R remote_folder/ %local_folder%/%%i")
Example
I have:
%local_folder%\folder111
%local_folder%\folder222
%local_folder%\folder333
I choose to copy the items folder111 and folder333 so I store them in %list_of_items%. For every item in the list I need to run ncftpput to transfer to remote server the folder but doesnt work....
The error:
"folder111" was unexpected at this time.
cmd exited on remote_server with error code 1.
Can you help me please to find what I'm doing wrong?
Thank you.
Related
I want to call (execute) a cmd or ps1 script remotely from one Windows 2016 Server 2016 on another. The problem is that script access to a \\network-share is denied.
Reproduce:
(1) a batch or ps1 script with specific Domain-User to \\network-share is successful:
dir \\network-share results in what it should.
(2) try to execute this script from another server via wmic or ps1 with the same user that has access to \\network-share (wmic /node:"node" /user:"domain\usr" /password:"pwd" process call create "cmd.exe /c C:\temp\cmd.bat").
The cmd.bat contains: dir \\network-share or dir \\<UNC-FQDN>\share or dir \\<IP>\share and always gets „Access is denied“ although domain\usr itself has access to the \\network-share.
(3) the identical routine (2) with dir C:\temp runs like expected.
Already tried some registry keys, e.g.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies]
DisableLoopbackCheck
DisableStrictNameChecking
BackConnectionHostNames
LocalAccountTokenFilterPolicy
Maybe one of those is needed on both machines and I did not try every option but to understand what might be the problem here could help I guess.
So, thx & Kind Regards :-)
In the meantime I found two ways to overcome the problem:
a) using Sysinternals PsExec.exe -u domain\user -p pwd -i \\node C:\temp\cmd.bat
b) Create a Scheduled Task on the target machine that can be executed remotely by C:\Windows\System32\schtasks.exe /run /tn "name of the task" /s node /u domain\user /p pwd
Maybe this will help somebody else.
I'm using the 'qwinsta' cmd command to get the session ID of a remote computer and output it to a textfile, so I create a new batch file and write the command then I try running the batch file through python but it only returns the first line of the output. When I run the batch file by simply double-clicking it it works properly.
Using python 2.7:
def run_qwinsta(self, computerName):
qwinsta_check = open("q.bat", "w")
qwinsta_check.write('PsExec -u <username> -p <password> \\\\' + computerName + ' qwinsta' + ' > "q.txt" ')
qwinsta_check.close()
os.system("q.bat")
Expected results:
SESSIONNAME USERNAME ID STATE TYPE DEVICE
>services 0 Disc
console <username> 1 Active
rdp-tcp 65536 Listen
Actual results:
SESSIONNAME USERNAME ID STATE TYPE DEVICE
I would recommend you to avoid writing the batchfile, If you can. You can execute your batch command from os.system(). Also you can try using subprocess (documentation here) and then redirecting the stdout and stderr to file.
EDIT:
PsExec is a good choice, but If you want another way, you can also use ssh.
You can run PsExec from os.system() and then write the response to text file on the remote machine. The default PsExec working directory is System32 there you can find your text file.
Tested code:
import os
os.system('Psexec \\\\SERVER cmd.exe /c "tasklist > process_list.txt"')
I used tasklist, because I don't have qwinsta on my remote machine.
If you want to store the PsExec response on your machine you can use subprocess and then redirect the stdout to text file.
Tested code:
import subprocess
process_list = open("process_list.txt", "w")
subprocess.call(['Psexec', '\\\\SERVER', 'tasklist'], stdout=process_list)
process_list.close()
Actually I used Python 3.x, because I don't have Python 2.x, but it should work on both.
If this still didn't solve your problem, please provide more details to your question!
I have a batch script that makes backups from remote camera drives on a private network using wget:
echo off
SETLOCAL ENABLEDELAYEDEXPANSION
FOR %%i in (1 2 3 4 5) DO (
wget64 --http-user admin --http-password instar -r -l inf -nc -e robots=off --directory-prefix=C:/temp/VID_DOWNLOAD -A "*.avi" -R "*999999.avi" http://192.168.0.11%%i/sd/
)
Sometimes (I have not been able to identify why), the wget encounters a problem and must terminate. This generates a dialogue that requires user interaction.
It does not bother me if there is an error, since the script is launched automatically every 5 minutes and wget eventually works fine. The problem is that I manually have to intervene and acknowledge the error.
I don't have much information about the error - it shows up like this:
Would it be possible to get wget to fail silently?
I've gotten some help with an earlier part of this batch file, but now I'm having trouble with the final component.
I've tried a few things with no success. I tried changing the CRLF to LF which did nothing. I also tried rephrasing the commands a few ways but I am still not getting anywhere. The following is my main batch file.
#echo on
REM delete deauth command file
SET OutFile="C:\temp\Out2.txt"
IF EXIST "%OutFile%" DEL "%OutFile%"
plink -v -ssh *#x.x.x.x -pw PW -m "c:\temp\WirelessDump.txt" > "C:\temp\output.txt"
setlocal
for /f %%a in (C:\temp\output.txt) do >> "Out2.txt" echo wir cli mac-address %%a deauth forced
REM Use commands in out2 to deauth
plink -v -ssh *#x.x.x.x -pw PW -m "c:\temp\Out2.txt"
pause
Below this sentence is the command found in Out2 which I think is giving the actual trouble. The number of lines varies but they are all this particular command just with differing MACs.
wir cli mac-address xxxx.xxxx.xxxx deauth forced
If Out2 has only a single line it runs fine, no issues. But when there are multiple lines, it fails with an error stating that the Line has an invalid autocommand. It's almost as if it was reading it as one contiguous command. As I mentioned above I changed from CRLF to LF hoping IOS would like it better, but that failed. I've tried adding extra lines between the commands, and I've tried calling the login every time from that file.
I am hoping that there is a way to tailor the commands to pass all lines one at a time to keep this down to a minimum of files.
I had another thought but it is kinda/very clunky. If there was a way to output each of those MAC deauth commands to their own file in a saperate folder (out1, out2, out3), and have the BAT able to run all the randomly generated files in that folder so that each one is a separated plink session.
Let me know if I need to change/add/elaborate on anything. Thanks in advance for anything you guys are willing to help with. I appreciate it.
EDIT: Martin has pointed out what the limitation actually is. It appears to be a limitation on Cisco to accept blocks of commands through SSH. So I still have the same question really, I just need some help figuring a workaround to this issue. I'm thinking the multiple file solution I mentioned above may have some possibility. But I'm too much of a noob to know how to make that work. I'll update if I have any breakthroughs though. Thanks for any contributions!
It's actually a known limitation of Cisco, that it does not support multiple commands in an SSH "exec" channel command.
Quoting section 3.8.3.6 -m: read a remote command or script from a file of PuTTY/Plink manual:
With some servers (particularly Unix systems), you can even put multiple lines in this file and execute more than one command in sequence, or a whole shell script; but this is arguably an abuse, and cannot be expected to work on all servers. In particular, it is known not to work with certain ‘embedded’ servers, such as Cisco routers.
Though you can probably still feed multiple commands to Plink input:
(
echo command 1
echo command 2
echo command 3
echo exit
) | plink -v -ssh user#host -pw password > output.txt
Or you can simply use an input file:
plink -v -ssh user#host -pw password < input.txt > output.txt
Similar question: A way of typing multiple commands in cmd.txt file using PuTTY batch against Cisco
This works without cmd.exe and using files:
function Invoke-PlinkCommandsIOS {
param (
[Parameter(Mandatory=$true)][string] $Host,
[Parameter(Mandatory=$true)][System.Management.Automation.PSCredential] $Credential,
[Parameter(Mandatory=$true)][string] $Commands,
[Switch] $ConnectOnceToAcceptHostKey = $false
)
$PlinkPath="$PSScriptRoot\plink.exe"
$commands | & "$PSScriptRoot\plink.exe" -ssh -2 -l $Credential.GetNetworkCredential().username -pw "$($Credential.GetNetworkCredential().password)" $Host -batch
}
Usage: dont forget your exit's and terminal length 0 or it will hang
PS C:\> $Command = "terminal lenght 0
>> show running-config
>> exit
>> "
>>
PS C:\> Invoke-PlinkCommandsIOS -Host ace-dc1 -Credential $cred -Commands $Command
....
Sounds like your file 'Out2.txt' has only LF at end of line. Simple way to convert that to CRLF is to use MORE command and redirect output to a new file and then use the new file.
more Out2.txt > Out2CRLF.txt
I ran into the same issue when trying to pull the full list of ACLs on an ASA via plink in powershell.
Essentially, due to the abuse issue referenced in the documentation: https://the.earth.li/~sgtatham/putty/0.72/htmldoc/Chapter3.html#using-cmdline-m, I was getting inconsistent results in pulling the ACLs. Sometimes I would get 0, sometimes only 1 or 2, and sometimes I would get all of them. (I personally, had about a 1 in 5 success rate).
As I would occasionally be successful I used a while loop that would catch the unsuccessful attempts and retry. Just be sure to put some timing on the while loop to prevent it from spamming ssh connections too much.
It is not a good solution, but it worked as a last resort.
I'm trying to create a script just to run other scripts and do some extra stuff in case of successful or failure.
You have the full code on this link just to try to be clear what I'm trying to achieve.
Basically I want to:
-- DO SOME STUFF HERE
r: "$(fileName)"
-- MORE STUFF HERE
and call it from sqlcmd this way:
sqlcmd -i "RunScript.sql" -v fileName="someFileName.sql" -s server -d database
But I can't, I'm getting the following error:
Msg 102, Level 15, State 1, Server SERVER, Line 19 Incorrect syntax
near 'someFileName.sql'.
So, it seems that the little r: couldn't be used with a parameter on his side.
Just to clarify, someFileName.sql isn't in the SQL Server, but in my machine, so I couldn't use this way to read the file. In fact, I just tried it later.
Is there a workaround to archive this? Any ideas to solve it?
You could break your current RunScript.sql script into separate header and footer SQL scripts and concatenate them together with a SQL script in the middle that is denoted by an input parameter to a CMD script. For example:
RunSQL.CMD consists of:
#ECHO OFF
COPY /V /Y RunScriptHeader.sql + %1 + RunScriptFooter.sql RunScriptTemp.sql
SQLCMD -i "RunScriptTemp.sql" -s server -d database
The /V does a verify on the copy
The /Y suppresses prompting to confirm overwriting an existing file
You would run it as follows:
RunSQL.CMD someFileName.sql